Shade Ransomware stopped working, apologized to the victims, and released 750,000 decryption keys

If you are interested in the field of security - bring security, surely you are no stranger to the name Shade Ransomware (Troldesh). This extortion malware can be considered one of the worst 'nightmares' that have clung to the security world for many years. However, the people behind the operation of Shadow Ransomware have officially issued a statement of decommissioning, issued more than 750,000 decryption keys, and made a public apology for the damage they have caused to the victims. multiply.

Shade Ransomware was first discovered around 2014. Unlike other popular ransomware strains, this ransomware mainly targets people in Russia, Ukraine, as well as many other CIS countries.

The collapse of Shade Ransomware is a consequence of what has been predicted after the recession process and has lost its effectiveness over the past half year. According to security expert Michael Gillespie, founder of cybersecurity organization ID Ransomware, Shade Ransomware's attack performance has been declining rapidly and continuously since the end of 2019, due to not much change. new in the way they are spread, making them easier to break down and prevent early by advanced security systems.

The number of reported infections has dropped sharply

Recently, Shade Ransomware miners have created a repository on GitHub and announced that they have stopped distributing malicious code since the end of 2019. In addition, apologies, decryption keys as well as documentation on how to Data recovery encrypted by Shade Ransomware has also been launched:

'We are the team that created a trojan encoder, commonly known as Shade Ransomware, Troldesh or Encoder.858. In fact, we stopped distribution in late 2019, and now is a good time to end this whole story. There will be more than 750,000 decryption keys, along with the software and decoding instructions released by us in the near future as a sincere apology to anyone who has been in trouble with Shade. Ransomware. In addition, all other data related to our operations (including the trojan's source code) will be completely destroyed. '

Indeed, there were 5 key decryption key groups attached to the attackers in the repository, equivalent to more than 750,000 individual decryption keys for the victims. Along with that is a detailed guide on how to use the decryption key and link to their decryption program.

Key decode

However, the initial assessment showed that using the decryption key is not simple, and most ordinary users will find it hard to decode the document on their own, even with relatively detailed instructions.

To help support Shade Ransomware victims, Kaspersky said it will update its RakhniDecryptor ransomware decryption tool to include these keys and make it easy for victims to recover their data for free.

If you need to download the Ransomware decryption key, you can download it here: github.com/shade-team/keys